CVE-2021-23018
Description
Intra-cluster communication does not use TLS. The services within the NGINX Controller 3.x before 3.4.0 namespace are using cleartext protocols inside the cluster.
Risk Information
Base Score
7.4
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.22
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cleartext Transmission of Sensitive Information Vulnerability (CVE-2021-23018) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234